Discussion in 'OT Technology' started by P07r0457, Jun 11, 2008.
1) If a computer is doing life support, and it runs windows... people are gonna die. Nobody uses windows for things that important, and they should die if they do.
2) Why would killing the worm process cause life support to stop, on a hypothetical system?
3) Killing a process that important shouldn't stop a program - they should be smart enough to respawn/restart. I did some work on this in highschool converting backhoe to C/Shared Memory for programs critical like that so they can't just be kilt.
4) If they can take back a botnet - they should.
What can happen if you're not careful with that type of tactic.
In the early 90s there was a fad - finger any system/account that fingers you. The finger wars that followed whenever two such systems fingered one another were humorous, but brief.
Many hospitals do.
It's a what-if. Sometimes attempting to kill a bad process (such as one that I recall infected a RPC thread) and it would shut the machine down.
that particular botnet they refer to has a network-update function so they would update the bot with a benign version and force-kill it. It would not come back then.
I don't like the idea of people modifying data on my machine without my knowledge/permission. I even disable automatic windows updates.
/me slaps peyomp with a rather large trout
I don't believe they run windows for life support. Link they.
last time i was in a hospital i noticed windows was running on several bed-side machines.
Yeah, but those don't control life support.
if your system was a bot, you've already been compromised. if your botted system is potentially attacking other computers, i don't think you have a say anymore whether or not someone should be allowed in to stop your computer.
that article that skinjob posted is fucked up. see, that's bullshit that Media Defender is allowed to get away with that because there is very little difference between that and any other hacker that is out there. they are basically being vigilantes. the FBI should shut them down.
EDIT: oh, and back on topic. can't they use that replacement to the botnet to track down what systems are infected? shit, HBO was able to track me down when i downloaded the wire a while back on bittorrent. by the way, i'm just using this as an example and have since stopped all illegal downloading.
two wrongs don't make a right.
But how is stopping a worm on your computer a wrong? If you have it there on purpose - you're a criminal. If you were infected by accident - you're a victim and they are repairing the problem.
Two wins don't make a loss.
unauthorized access is wrong.
it isn't 2 wrongs. through your own mistake of not maintaining your computer properly, you became the one doing the wrong. i think it is wrong to let you continue to cause other people problems with your infection.
you have to understand that my machines are NOT infected. My machines are squeeky clean.
that being said it is MY responsibility to ensure MY own machines are clean. It's not YOUR job to ensure MY machines are clean.
no, i know. you put yourself in as the example, so i continued it with the generic 'you.' but, this bot detector or whatever only goes after systems that are infected. if you are infected, i think they have the right to stop you. now, who 'they' is can be problematic.
just imagine that these computers are essentially the PC equivalent of Typhoid Mary, inadvertently causing destruction. someone has to put a stop to it.
I don't see it as unauthorized access. I see it as forced treatment. We force people with TB to take long-term antibiotics if they want to be in public, lest they infect everyone around them. Same thing for computers and the public internet. Forced treatment, which is a violation of a person or a computer, is the lesser evil to rampant untreated disease.
even medically you can't really hold someone down and FORCE them to be treated.
same with computers.
You can't run up to someone and jab them in the neck with a syringe.
LOL @ life support running on a windows machine. Have you ever even seen a life support machine before? They don't even have a GUI (in the more known sense of the word). I don't know what OS they run (probably something entirely custom) but I know its sure as hell not windows. Thats laughable.
Medically, YES YOU CAN. Forced quarantine. Like I said, people with TB are forced to take continuous antibiotics. Its not optional. People come round and check, and you can be forcefully quarantined.
Yes you can. Doctors in mental wards do it all the time, under the assumption that the person is too ill to be able to rationally decide whether they want treatment. Why can't you apply that to computer-illiterate users whose computers have been zombied and they don't even know that the problem is there, much less how to fix it?
I have no problem with the notion that sometimes you just need to force people into a situation where you're comfortable that they can make an informed, rational choice whether to continue doing what they're doing or to change. Case in point: drug rehab. Nobody's saying you can't go back to snorting coke if you want to, but they're damn well going to make sure you clear your head enough to really evaluate whether that's what you want to do with your life.
Forced QUARANTINE is not the same as forced TREATMENT.
If you want QUARANTINE then the ISP can disconnect the user until the users agrees to clean the system. But that does NOT modify the users data without their permission!
That can only occur when a user is incapable of rational thought and the situation is LIFE-THREATENING and TIME-CRITICAL.
This is none of those things.
You cannot FORCE someone into drug rehab.